Infosecurity Opinions
In Bots We Trust: Better Enterprise Security Through AI
Post GDPR and pre AI, the enterprise needs to entirely transform its thinking about security.
The Next Big Lesson for Security: Context is King
We need higher-fidelity alerts contextualized across multiple facets of a system.
Security's Role in the Shift Left in Application Security
As the DevSecOps process requires developers to take greater responsibility for securing software as well as building it, consideration must be given as to what this means for members of the security team.
GDPR: Don't Rest on Your Data, We've Only Just Begun
May 25 was the starting line, we never know which way regulators and legislators are going to go until they act.
Crack Cyber Attack Cases ...with Terror Attack Investigation Tactics
Five lessons on how to replicate terror investigations for the benefit of cyber.
Why Life Under GDPR will Encourage Technology Innovation
The GDPR is the first step as data protection evolves from compliance to accountability – creating opportunities to develop new services as well as to improve public perceptions.
Do It Yourself? Could be a Painful Experience
A decision to buy will always be affected by whether or not you trust a vendor.
Security at the Speed of Business
Bringing security professionals into the business conversation as early as possible will allow them to lay out a plan where the business can grow but also be secure,
Batten Down the Hatches against Crypto-Mining Pirates
Cryptocurrency pirates are happy to steal computational power to do it, and they don’t care who they hurt in the process.
We’re Losing the Race to Patch Known Security Flaws: Will GDPR Help?
Virtual Patching is emerging as a solution to the problem of too many unapplied software fixes.
How Much do Passwords Cost your Business?
The cost of supporting password systems, including staffing and infrastructure, can be significant for today’s digital businesses
DMARC Will Not Make Email Secure
DMARC will make little, if any, difference in improving email security respecting phishing because DMARC inadequately addresses both the technical proficiency of dedicated threat actors and their tools of psychological manipulation.
Somebody Else's Security: Rethinking Cloud FUD
The list of enterprise IT organizations who had their private data publicly exposed in 2017 because of misconfigured AWS S3 buckets is long.
Effectively Managing Mistrust for Optimal Cybersecurity
It’s vital that businesses work together to share information to stay one step ahead of the ever-evolving threat landscape.
Undermining Crypto-Threats
Cryptomining has the potential to be as big a threat a ransomware, and it is harder for law enforcement to track the perpetrators.
Establishing Trust in a World without Boundaries
This brave new world has new security challenges, necessitating a new strategy based on a perimeter-less, “zero-trust” approach.
Protecting Privileged Identities: Why IAM starts with PAM
Like any good security measure designed to protect critical information assets, managing and protecting privileged accounts requires both a plan and an ongoing program
Bouncing Back from Cyber Attack
Knowing where to get started a cyber-attack specific disaster recovery plan is always half the battle..
